exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files from Nicolas Chatelain

Email addressn.chatelain at sysdream.com
First Active2016-02-26
Last Active2020-04-17
Unraid 6.8.0 Authentication Bypass / Arbitrary Code Execution
Posted Apr 17, 2020
Authored by Nicolas Chatelain | Site metasploit.com

This Metasploit module exploits two vulnerabilities affecting Unraid 6.8.0. An authentication bypass is used to gain access to the administrative interface, and an insecure use of the extract PHP function can be abused for arbitrary code execution as root.

tags | exploit, arbitrary, root, php, vulnerability, code execution
advisories | CVE-2020-5847, CVE-2020-5849
SHA-256 | 35b12f162c0f93f5dcd8552c4530c13b6a4979bffe9b0558493c22aea31db7e7
UCOPIA Wireless Appliance Privilege Escalation
Posted Sep 29, 2017
Authored by Nicolas Chatelain

UCOPIA Wireless Appliance version prior to 5.1.8 suffer from a chroot escape privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-11322
SHA-256 | 4f7e58adbfdd9de93ccaebd67d649ffa90a374c7320277dc04695c119db02908
UCOPIA Wireless Appliance Restricted Shell Escape
Posted Sep 29, 2017
Authored by Nicolas Chatelain

UCOPIA Wireless Appliance version prior to 5.1.8 suffer from a restricted shell escape vulnerability.

tags | exploit, shell
advisories | CVE-2017-11321
SHA-256 | b89bf2b19931af9f45509a36fd07550ef582566bfe0c8c59bec4e7227f00f09b
SPIP 3.1.2 Server Side Request Forgery
Posted Oct 20, 2016
Authored by Nicolas Chatelain

SPIP versions 3.1.2 and below suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2016-7999
SHA-256 | dc168e14bb0b3787609859406eb46abb5130f843e9d1a807bf27946a599a5c1e
SPIP 3.1.2 Template Compiler / Composer PHP Code Execution
Posted Oct 20, 2016
Authored by Nicolas Chatelain

SPIP versions 3.1.2 and below suffer from a PHP code execution vulnerability.

tags | exploit, php, code execution
advisories | CVE-2016-7998
SHA-256 | 8fc707c64156c47e3eeb576edeae6ae8b7c1ca5620aec6068862b998fb7cc40c
SPIP 3.1.2 File Enumeration / Path Traversal
Posted Oct 20, 2016
Authored by Nicolas Chatelain

SPIP versions 3.1.2 and below suffer from file enumeration and path traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion
advisories | CVE-2016-7982
SHA-256 | d2ab8b128415b09ef61ba0c89730401c75aa3f4ce322dd43fb4058ccc0950ac5
SPIP 3.1.2 Cross Site Scripting
Posted Oct 19, 2016
Authored by Nicolas Chatelain

SPIP versions 3.1.2 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2016-7981
SHA-256 | 82f26ce8d2e06a0310943f86601d4af8ea95702997bd1830df30452763eead8f
SPIP 3.1.2 Cross Site Request Forgery
Posted Oct 19, 2016
Authored by Nicolas Chatelain

SPIP versions 3.1.2 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2016-7980
SHA-256 | ac70a9fadf7bb6167051a6bc6282e4fffb3814c2ba5b4c38bd4c9d0a3de2e8c3
Centreon Web Interface 2.5.3 Command Execution
Posted Jul 27, 2016
Authored by h00die, Nicolas Chatelain | Site metasploit.com

Centreon Web Interface versions 2.5.3 and below utilize an ECHO for logging SQL errors. This functionality can be abused for arbitrary code execution, and can be triggered via the login screen prior to authentication.

tags | exploit, web, arbitrary, code execution
SHA-256 | 5c09582d8455d486f9a8b546afc64ba7e1c0033c02c90405893cf9e6a8d35f16
WordPress iThemes Security Insecure Backup / Logfile Generation
Posted Apr 21, 2016
Authored by Nicolas Chatelain

WordPress iThemes Security suffers from insecure backup and logfile generation vulnerabilities.

tags | exploit, vulnerability
SHA-256 | e3308d1fef8c8d026f085134a8bb431d3946592ebc3e93771257b503662abd8d
Netgear ReadyNAS Remote Code Execution
Posted Mar 12, 2016
Authored by Nicolas Chatelain

Netgear ReadyNAS suffers from a remote root code execution vulnerability.

tags | exploit, remote, root, code execution
SHA-256 | da4fd8bf1cf5bd9202939593d196158f1bb0d93705398477332bb1daebc93c97
Proxmox VE 3 / 4 XSS / Privilege Escalation / Code Execution
Posted Feb 27, 2016
Authored by Nicolas Chatelain

Proxmox VE versions 3 and 4 suffers from privilege escalation, code execution, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, code execution, xss
SHA-256 | 377a4d6e4e3f59329037f6605c912134206657cbddc009f577acf4a0c93a7e43
Centreon 2.5.3 Code Execution
Posted Feb 26, 2016
Authored by Nicolas Chatelain

Centreon versions 2.5.3 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 3c4451947909782cb24cf03b689934f5d565641465aa23686ec6df8df29ff586
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close